| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| # Default values for openvswitch. |
| # This is a YAML-formatted file. |
| # Declare name/value pairs to be passed into your templates. |
| # name: value |
| |
| --- |
| release_group: null |
| |
| images: |
| tags: |
| openvswitch_db_server: docker.io/openstackhelm/openvswitch:latest-ubuntu_focal |
| openvswitch_vswitchd: docker.io/openstackhelm/openvswitch:latest-ubuntu_focal |
| dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0 |
| image_repo_sync: docker.io/library/docker:17.07.0 |
| pull_policy: "IfNotPresent" |
| local_registry: |
| active: false |
| exclude: |
| - dep_check |
| - image_repo_sync |
| |
| labels: |
| ovs: |
| node_selector_key: openvswitch |
| node_selector_value: enabled |
| |
| pod: |
| tini: |
| enabled: true |
| tolerations: |
| openvswitch: |
| enabled: false |
| tolerations: |
| - key: node-role.kubernetes.io/master |
| operator: Exists |
| effect: NoSchedule |
| - key: node-role.kubernetes.io/control-plane |
| operator: Exists |
| effect: NoSchedule |
| probes: |
| ovs: |
| ovs_db: |
| liveness: |
| enabled: true |
| params: |
| initialDelaySeconds: 60 |
| periodSeconds: 30 |
| timeoutSeconds: 5 |
| readiness: |
| enabled: true |
| params: |
| initialDelaySeconds: 90 |
| periodSeconds: 30 |
| timeoutSeconds: 5 |
| ovs_vswitch: |
| liveness: |
| enabled: true |
| params: |
| initialDelaySeconds: 60 |
| periodSeconds: 30 |
| timeoutSeconds: 5 |
| readiness: |
| enabled: true |
| params: |
| failureThreshold: 3 |
| periodSeconds: 10 |
| timeoutSeconds: 1 |
| security_context: |
| ovs: |
| pod: |
| runAsUser: 42424 |
| container: |
| perms: |
| runAsUser: 0 |
| allowPrivilegeEscalation: false |
| readOnlyRootFilesystem: true |
| server: |
| runAsUser: 42424 |
| allowPrivilegeEscalation: false |
| readOnlyRootFilesystem: true |
| modules: |
| runAsUser: 0 |
| capabilities: |
| add: |
| - SYS_MODULE |
| - SYS_CHROOT |
| readOnlyRootFilesystem: true |
| vswitchd: |
| runAsUser: 0 |
| capabilities: |
| add: |
| - NET_ADMIN |
| readOnlyRootFilesystem: true |
| dns_policy: "ClusterFirstWithHostNet" |
| lifecycle: |
| upgrades: |
| daemonsets: |
| pod_replacement_strategy: RollingUpdate |
| ovs: |
| enabled: true |
| min_ready_seconds: 0 |
| max_unavailable: 1 |
| resources: |
| enabled: false |
| ovs: |
| db: |
| requests: |
| memory: "128Mi" |
| cpu: "100m" |
| limits: |
| memory: "1024Mi" |
| cpu: "2000m" |
| vswitchd: |
| requests: |
| memory: "128Mi" |
| cpu: "100m" |
| limits: |
| memory: "1024Mi" |
| cpu: "2000m" |
| # set resources to enabled and specify one of the following when using dpdk |
| # hugepages-1Gi: "1Gi" |
| # hugepages-2Mi: "512Mi" |
| jobs: |
| image_repo_sync: |
| requests: |
| memory: "128Mi" |
| cpu: "100m" |
| limits: |
| memory: "1024Mi" |
| cpu: "2000m" |
| user: |
| nova: |
| uid: 42424 |
| |
| secrets: |
| oci_image_registry: |
| openvswitch: openvswitch-oci-image-registry-key |
| |
| endpoints: |
| cluster_domain_suffix: cluster.local |
| local_image_registry: |
| name: docker-registry |
| namespace: docker-registry |
| hosts: |
| default: localhost |
| internal: docker-registry |
| node: localhost |
| host_fqdn_override: |
| default: null |
| port: |
| registry: |
| node: 5000 |
| oci_image_registry: |
| name: oci-image-registry |
| namespace: oci-image-registry |
| auth: |
| enabled: false |
| openvswitch: |
| username: openvswitch |
| password: password |
| hosts: |
| default: localhost |
| host_fqdn_override: |
| default: null |
| port: |
| registry: |
| default: null |
| |
| network_policy: |
| openvswitch: |
| ingress: |
| - {} |
| egress: |
| - {} |
| |
| dependencies: |
| dynamic: |
| common: |
| local_image_registry: |
| jobs: |
| - openvswitch-image-repo-sync |
| services: |
| - endpoint: node |
| service: local_image_registry |
| static: |
| ovs: null |
| image_repo_sync: |
| services: |
| - endpoint: internal |
| service: local_image_registry |
| |
| manifests: |
| configmap_bin: true |
| daemonset: true |
| daemonset_ovs_vswitchd: true |
| job_image_repo_sync: true |
| network_policy: false |
| secret_registry: true |
| |
| conf: |
| poststart: |
| timeout: 5 |
| rootUser: "root" |
| extraCommand: null |
| openvswitch_db_server: |
| ptcp_port: null |
| ovs_other_config: |
| handler_threads: null |
| revalidator_threads: null |
| ovs_hw_offload: |
| enabled: false |
| ovs_dpdk: |
| enabled: false |
| ## Mandatory parameters. Please uncomment when enabling DPDK |
| # socket_memory: 1024 |
| # hugepages_mountpath: /dev/hugepages |
| # vhostuser_socket_dir: vhostuser |
| # |
| ## Optional hardware specific parameters: modify to match NUMA topology |
| # mem_channels: 4 |
| # lcore_mask: 0x1 |
| # pmd_cpu_mask: 0x4 |
| # |
| ## Optional driver to use. Driver name should be the same as the one |
| ## specified in the ovs_dpdk section in the Neutron values and vice versa |
| # driver: vfio-pci |
| # |
| ## Optional security feature |
| # vHost IOMMU feature restricts the vhost memory that a virtio device |
| # access, available with DPDK v17.11 |
| # vhost_iommu_support: true |
| |
| ## OVS supports run in non-root for both OVS and OVS DPDK mode, you can |
| # optionally specify to use user with id 42424, ensure the user exists |
| # in the container image. |
| ovs_user_name: "openvswitch:openvswitch" |
| ... |